Test your Test Environment
Getting to know the Testing Suite
Once you've set up the necessary tools, you're ready to run the profile. The testing environment is determined by Test Kitchen using environment variables.
There are four testing environments to choose from:
- AWS VPC Testing: This environment uses an AWS VPC for testing.
- Docker Testing: This environment uses Docker containers for testing.
- Vagrant Testing: This environment uses Vagrant virtual machines for testing.
- Local Testing: This environment uses your local machine for testing.
The specifics of each environment's configuration are detailed in the following sections.
Getting Your First Test Kitchen (TK) Run
For each of these examples, you need to update the KITCHEN_LOCAL_YAML
environment variable to point to the correct kitchen.<TEST-TARGET>.yaml
file. Ensure that any required supporting environment settings, environment variables, profiles, etc., are in place. See Environment Variables and Testing Target Environments for more information.
Learn more about the Test Kitchen project at: kitchen.ci
Kitchen Stages
Test Kitchen has four major steps: create
, converge
, verify
, and destroy
. Use these stages to create, configure, run tests, and destroy your testing target. When starting your testing, it's useful to run each of these in turn to ensure your environment, Test Kitchen, and credentials are set up and working correctly.
create
:
Thecreate
stage sets up your testing instance and prepares the necessary login credentials and other components so you can use your testing target.converge
:
Theconverge
stage runs the provisioner of the Test Kitchen suite - the configuration management code set up in the test suite. This could be any configuration management script, such as Ansible, Chef, Puppet, Terraform, Shell, etc., that you and your team use.verify
:
Theverify
stage runs the actual InSpec profile against your testing target. Test Kitchen supports multiple testing frameworks, which are well documented on the project website.destroy
:
Thedestroy
stage tears down your test target - like an EC2 instance, Docker container, or Vagrant Box.
During your testing, you will use each of these steps to run the full profile, run individual controls (using the INSPEC_CONTROL
environment variable), and manage your test instances. You will also use other Test Kitchen commands, such as login
, test
, and others, which are documented on the Test Kitchen Project page.
You can also isolate which of the 'target suites' - either vanilla
or hardened
in our case - to run by appending either hardened
or vanilla
to the end of your Test Kitchen command. For example, bundle exec kitchen verify
will run the Test Kitchen stages all the way through verify
on both the hardened
and vanilla
suites. However, if you say, bundle exec kitchen verify vanilla
, it will only run it on the vanilla
test target.
Useful Test Kitchen Commands
login
: Allows you to easily log in using the credentials created when you ranbundle exec kitchen create
.test
: Runs all the Test Kitchen stages starting with create through destroy to easily allow you to go through a full clean test run.